<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
   "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<title>Waterken Server: capability-based security for the Web</title>
<link rel="StyleSheet" type="text/css" href="style.css">
<link rel="icon" type="image/gif" href="icon.gif">
<link rel="alternate" type="application/atom+xml" title="Atom (news summaries)" href="recent.xml">
</head>
<body>
<div class="navigation heading">
<a href="./"><img alt="home" src="icon.gif" width="16" height="16"></a>
</div>
<div class="main">
<a href="http://code.google.com/p/waterken/">project page</a>,
<a href="javadoc/overview-summary.html">javadoc</a>,
<a href="deploy/">install</a>,
<a href="http://lists.sourceforge.net/lists/listinfo/waterken-server">mailing list</a>
<h1><a name="title" href="#title">Waterken<sup>TM</sup> Server</a></h1>
<p>Asynchronous messaging between event loops, such as used in AJAX, is a great
model for building distributed applications. The asynchronous messaging allows
an application to remain responsive in the face of network latency and event
loops allow multiple activities to be pursued, without many of the dangers
inherent in multi-threading. This computing model is made even better with the
addition of promises, a kind of reference that can refer to the result of future
computation, such as the response to an asynchronous message. For example,
promises make it a lot easier to express an algorithm that sends additional
asynchronous messages depending on the results of past messages.  The Waterken
server provides a platform for building such applications in Java and making
them accessible to HTTP-based clients.</p>
<p>Server-side Java code is written to the
<a href="javadoc/overview-summary.html">ref_send API</a>, which defines the
asynchronous invocation interface. The Waterken server implementation of the
ref_send API provides orthogonal persistence and across-the-network transport of
asynchronous invocations. Each invocation is sent as an HTTP request: either a
<code>POST</code> for an update, or a <code>GET</code> for a query. The request
URL fully identifies the invocation target and any arguments are carried in the
request body, encoded in <a href="http://json.org/">JSON</a>. A <a
href="web_send/">JavaScript implementation of the ref_send API</a> facilitates
interaction with server-side objects from within the browser.  For an example
interaction, see the <a href="bang/?o=2009-06-01">Bang Tutorial</a>.</p>
<p>The Waterken server supports use of capability-based security to control the
actions of both server-side objects and remote clients. The ref_send API is
designed for use by code that passes the <a href="http://joe-e.org/">Joe-E</a>
verifier. Using this verifier, capability-based auditing techniques can be
applied to bound the possible effects that can be caused by a server-side
object. The Waterken server implementation itself also passes the Joe-E
verifier.  A remote client can only access a server-side object via a
cryptographically protected capability URL, called a
<a href="web-key/">web-key</a>. By reasoning about what web-keys a remote client
may come to possess, the possible effects on server-side objects can be bounded.
Though the Waterken server is designed for use with the Joe-E verifier, it can
still be used with code that does not pass the verifier.</p>
<h3><a name="concepts" href="#concepts">Concepts</a></h3>
<ul>
<li><a href="web-key/">web-key</a>: Mashing with permission</li>
<li><a href="http://www.cs.berkeley.edu/~daw/papers/joe-e-ndss10.pdf">Joe-E</a>: A Security-Oriented Subset of Java</li>
<li><a href="upgrade/">upgrade</a>: Live fast, die young and leave a good-looking corpse</li>
<li><a href="clickjacking/">clickjacking</a>: The Confused Deputy rides again!</li>
<li><a href="aclsdont/">ACLs don't</a>: The ACL model is unable to make correct
access decisions for interactions involving more than two
principals&hellip;</li>
</ul>
<h3><a name="tour" href="#tour">A tour of the ref_send API</a></h3>
<ul>
<li><a href="javadoc/org/ref_send/package-summary.html#package_description">org.ref_send</a>: Document-oriented design</li>
<li><a href="javadoc/org/ref_send/promise/package-summary.html#package_description">org.ref_send.promise</a>: An introduction to promises</li>
<li><a href="javadoc/org/ref_send/promise/Eventual.html">org.ref_send.promise.Eventual</a>: The eventual operator</li>
<li><a href="http://waterken.svn.sourceforge.net/viewvc/waterken/server/trunk/waterken/example/src/org/waterken/bang/Beat.java?view=markup#l_23">Beat.java</a>: An introduction to eventual operations in Java</li>
<li><a href="web_send/">web_send</a>: JSON shell for the browser</li>
<li><a href="bang/?o=2009-06-01">Bang Tutorial</a>: An introduction to eventual operations in Javascript</li>
<li><a href="web_send/wsh/">web_send wsh</a>: JSON shell free from Same Origin Policy</li>
</ul>
<h3><a name="advanced" href="#advanced">Advanced play with the ref_send API</a></h3>
<ul>
<li><a href="http://waterken.svn.sourceforge.net/viewvc/waterken/server/trunk/waterken/example/src/org/waterken/factorial/Factorial.java?view=markup#l_15">Factorial.java</a>: tail recursive factorial</li>
<li>A FIFO queue, where elements can be removed <i>before</i> they've been
added.
<ul>
<li><a href="javadoc/org/waterken/serial/Series.html">Series</a>: an infinite series interface</li>
<li><a href="http://waterken.svn.sourceforge.net/viewvc/waterken/server/trunk/waterken/example/src/org/waterken/serial/PopPushN.java?view=markup#l_27">PopPushN.java</a>: using an infinite series</li>
<li><a
href="http://waterken.svn.sourceforge.net/viewvc/waterken/server/trunk/waterken/example/src/org/waterken/serial/Serial.java?view=markup#l_24">Serial.java</a>: an infinite series implementation</li>
</ul>
</li>
</ul>
<h3><a name="developer" href="#developer">Working with the Waterken server</a></h3>
<ul>
<li><a href="subclipse/">subclipse setup</a>: Using Subversion with the Waterken server under Eclipse</li>
<li><a href="deploy/">deploy</a>: Deploying the Waterken server</li>
<li><a href="debug/">debug</a>: Debugging a Waterken application</li>
</ul>
</div>
<p class="footer comment">
<span class="copyright">Copyright 2004-2009 Waterken Inc. All rights reserved.</span>
<span class="trademark">Waterken is a registered trademark of Waterken Inc.</span>
</p>
</body>
</html>
